Clojurians Log v2

Good Morning!

👋

morning

Morning

Good morning

Would people pay for commercial licenses for Clojure libraries that deal with things such as SAML, emails, etc? All the boring bits and plumbing that you have to wade through just to get to something useful.

I’m not talking about low level stuff, more like solving high level problems including eg email validation, monitoring, throttling, etc etc

For me, licensing valuable libraries is okay, as long as the licensing process is not too heavy, I can evaluate before buying and the licensing does not bind me for 20 years. I prefer buying support for open source libraries, but that’s a business model that is easily exploited (as we heard this week)

Guten morgen!

I like the license model where the closed license expires after a few years.

I can't see any issue. As long as x is never mutated further down the let or after an escape somewhere else. You are closing over it and reading it in another thread. Is the point of using immutable data structure in Clojure not to be able to pass that kind of references across threads without worrying? You only need an atom if your threads mutate x.

(forgot: Morning)

That’s a good one. For closed source libraries, bankruptcy of the vendor is a huge concern for companies, this would address that

I like the pricing of jOOQ. It’s free with Open Source databases, and the enterprisier the DBs you use get, the more expensive the license gets, too: http://www.jooq.org/download/

Agree, it’s one of the things that deters me from datomic usage.

morning

morning

I use JOOQ quite a bit, when doing Kotlin.

What does it even do? JPA but better?

much better, not JPA at all

It basically introspects your db and creates a DSL for writing plain old sql

I've used jOOQ. It's quite nice, but I didn't ever manage to make complex queries not look horrible

Well, SQL is quite optimized for what it does.

I'm spoilt now with HoneySQL

And when trying to extract stuff into methods, you can end up with crazy return types like SelectConditionStep<Record4<Long, Integer, Integer, Integer>>

Are you using Kotlin?

You can destructure that very nicely

No, Java

But that sounds interesting

.map { (foo, bar, baz, quz) -> ..... }

Using Kotlin really does make using JOOQ a lot lot nicer

Oh, yes. These times where I had to build a domain model User extends Entity<UserKey>> and so on. God bless persitent datastructures…

“These times” are still relevant for me 😫. Searching a way out of those Enterprise-Big-Company projects

Morning. Does anyone have a Raspberry Pi (64bit) here? There is now a non-official binary for babashka: https://github.com/babashka/babashka/issues/241#issuecomment-764009022

My Pi 4 Model B is due to arrive today

In Kotlin-land I'd like to play around with SQLDelight, but Kotlin + jOOQ could be fun

I only have 32bit RPis

I can give bb a whirl later

(Zero and 3B+)

I thought about getting an RPi 4, but it sounded like the power consumption was quite a lot higher

I've got a PoE Hat for it

plug'n'play 🙂

Here's a little bit of JOOQ + Kotlin, if people aren't offended 🙂

magnumDslContext
            .select(POI_TYPE.POI_TYPE_ID, POI_TYPE.UUID, POI_TYPE.NAME, POI_TYPE.ICON)
            .from(POI_TYPE)
            .where(POI_TYPE.UUID.eq(UUID.fromString(uuid)))
            .and(POI_TYPE.TENANT_ID.eq(tenantId))
            .fetchOne { (poiTypeId, uuid, name, icon) ->
                PoiType(_id = poiTypeId, id = uuid.toString(), name = PoiType.Type.valueOf(name), icon = icon)
            }

Does Kotlin support something like dynamic language’s “ad hoc” datastructures? Oh do you still need to define a static language model (classes) to hold data?

It's static, so you need what are called data classes

i.e.,

data class Foo (val name: String? = "", val age: Int? = 0)

I recently played with golang. I expected it to be hard to do dynamically typed things, but it's incredibly easy just by casting everything to interface{} :)

but with the Kotlin Dataclass, it takes default's, so I can just do var foo = Foo() and it'll prepopulate it with name = "" and age = 0

it supports destructing, so I can then do val (name, age) = foo

tbh, it's a very nice language, and when I'm working with my fellow co-workers, and in Kotlin lang, I'm quite happy

but you can pry Clojure from my cold dead hands :)

If you're interested, when trying to do something vaguely complex, we ended up with http://djm.blinkenshell.org/jooq_repository_example1.txt , which we refactored to use CTEs to try to make more readable, and ended up with http://djm.blinkenshell.org/jooq_repository_example2.txt I'm not sure if Kotlin has anything that would help with that

I'm also not sure if the CTE version is actually more readable :man-shrugging:

interesting!

We needed to pull out data for the first of the year, and the last day for each month that actually had any data

Morning

I certainly favour this approach far more than JPA.

Which I don't think I've used for many-a-year now!

Plain SQL is hard to beat, but we wanted the type safety of jOOQ... which did come in handy as the database was outside of our control, and kept changing, a lot!

Using Kotlin for the tests also helped for that, val expected = FooRecord.apply { id = 1, foo = 2, bar = 3, ... }, meant that our tests didn't keep breaking when the database changed

I share your pain, I have a db that is not under my control too, so yes, having JOOQ is superdoopar handy

@borkdude a suggestion clj-kondo upgrade

might belong to #clj-kondo

correct, sorry, I thought you were mutating stuff

Good morning!

morning

I think I’d be happy to pay for libs to solve auth etc, but I would want to have the source available to me.

I wonder if it makes economic sense via Patreon/GH sponsors etc to take on this role in a community.

I think what I would want is a system like the one used for Cursive, albeit a bit more complicated in some way, because I’d need access to the source code (at least once I started paying, or when I went into some agreement/NDA with them).

I'm happy (and do) contribute to open source. I'm always very nervous about anything proprietary in my stack

Not having access to source code is a major PITA when you need to debug

sry, contribute financially

I also do PRs 😉

@slipset one of my biggest concerns, too.

The thing I hope my company would be happy to pay for is a security lib that was, well secure.

@slipset how would you know when it’s open source?

Know what?

that it’s secure

I’m not sure I understand the question, but any how. Say that https://www.pac4j.org was delivered by a company who sold pac4j licenses to companies. I would probably be willing to pay for that, given that I also had access to the source code of the lib(s) I licensed.

If there were libs/shims for Clojure, I’d probably be willing to pay more.

Basically, I want to out-source security and the responsibility for fixing bugs in security libraries to a (knowledgeable) third party.

I guess something like https://www.pac4j.org/commercial-support.html is offering.

The company https://www.casinthecloud.com/index-en.html

belated goodmorning

@slipset I was refering to the access to source code.

Security evaluation is kind of a social thing, right? I trust latacora based on their reputation and because I’ve met lvh and he’s wicked smart, and spending all his time in security. I have no means to evaluate objectively if they’re actually good at security or not.

So paying a company to deal with security and releasing libraries that I could use, is helping them make such a reputation for themselves and hire good people etc etc. Much better than using a library that some company developed in-house and released after.

There’s a limit on how much auditing of 3rd-party dependencies on can reasonably do.

It is also nice as a consumer of a security lib to be in a somewhat more formalized contract situation than “I’ll fix it whenever”.

Even though I don’t like to enter into SLA’s myself.

and I'm not sure most commercial companies would have an SLA that would bind them to fixing something in a particular time frame

(the joke of one throat to choke)

most companies, like most organisations (and people!) will only be pushed into changing things if their largest donors threaten to abandon them

yeah, but successful companies won't be too beholden to any one customer

@matlux I agree with you, I assumed it as you described. The strange thing macroexpanding it gives an error. So I was wondering if it is a bad idea. Do you have an idea whats wrong expanding it?

(clojure.walk/macroexpand-all
   '(let [x 5]
      (clojure.core.async/go
        (println x))))

;; => Syntax error macroexpanding clojure.core.async/go at (your_project.cljc:93:3).
;;    Could not resolve var: x

indeed. it's a crappy situation (happened to a place where I worked in the past). 1 client that was basically 30% of the yearly revenue

sure, having a large set of diverse customers is the dream

I think that’s what Basecamp has done.

Strange indeed that it doesn’t macroexpand-all correctly. It does compile and execute though:

(let [x 5]
    (clojure.core.async/go
      (println x)))
=>
#object[clojure.core.async.impl.channels.ManyToManyChannel
        0x67080483
        "clojure.core.async.impl.channels.ManyToManyChannel@67080483"]
5

I have managed to macroexpand-all it by cheating the compiler:

(clojure.walk/macroexpand-all '(let [x 5]
                                 (clojure.core.async/go
                                   (println "x"))))